login
login
Image header Agence Europe
Europe Daily Bulletin No. 13910
Contents Publication in full By article 11 / 36
SECTORAL POLICIES / Digital

Digital Omnibus - Irish Presidency consults EU countries on pseudonymisation, data processing for AI and cookies

The Irish Presidency of the Council of the European Union is continuing its consultations with the Member States on the main issues still outstanding in the ‘Digital Omnibus’ package, which aims to simplify the General Data Protection Regulation (GDPR) and the Data Act on harmonised rules for fair access to and use of data (see EUROPE 13747/1). These points concern, in particular, the application of pseudonymised data and the processing of personal data for the purposes of developing artificial intelligence, as well as the list of activities that could be exempted from the obligation to obtain consent for cookies, among other subjects.

The file will be examined by the Antici subgroup on Simplification (AGS) on Thursday 16 July, on the basis of the progress made during the Cyprus Presidency. (see EUROPE 13893/15, 13897/15, 13885/10).

The Irish Presidency intends to gather the Member States’ views on the “key outstanding issues before developing a revised compromise text”, according to an internal Council note seen by Agence Europe. Its objective remains to reach an agreement between the EU Council and the European Parliament on this file by the end of the year.

Application of pseudonymisation. While the Commission had initially proposed amending the definition of personal data in the GDPR, the Member States instead focused their discussions on the arrangements for applying pseudonymisation under the new Article 29a, proposed in the latest compromise text, in particular on “how to achieve meaningful simplification and legal certainty on this issue”.

Processing of personal data for the development of AI. The Member States will also have to say whether they consider that new recital 33a, which replaces new Article 88c proposed by the Commission, provides “a sufficient level of legal certainty for organisations developing and operating AI systems”. The text confirms that the processing of personal data in the context of the development and deployment of an artificial intelligence system or model may, in certain cases, be regarded as pursuing a legitimate interest. 

Simplification provisions. The Member States are also invited to specify whether the provisions envisaged at this stage to lighten the regulatory burden are sufficient, such as harmonised lists and dedicated templates relating to certain specific obligations, exemptions from transparency obligations or other provisions aimed at facilitating the processing of certain categories of personal data, notably biometric data, or the removal of the obligation to notify the contact details of the Data Protection Officer to the national supervisory authority.

Exemptions from the consent requirement under the ePrivacy Directive. The latest compromise text does not include the proposed new Article 88b on centralised and automated consent for cookies. The Member States are invited to specify whether they consider that the current compromise text, which provides for an expanded “white list” of purposes for which consent would not be required for the storage of information, or access to information, in a user’s terminal equipment, is sufficient, including a new exception aimed at detecting and preventing fraud. (Original version in French by Ana Pisonero Hernández)

Contents

Russian invasion of Ukraine
SECURITY - DEFENCE
SECTORAL POLICIES
SOCIAL AFFAIRS - EMPLOYMENT
EXTERNAL ACTION
IRISH PRESIDENCY OF THE COUNCIL OF THE EUROPEAN UNION
INSTITUTIONAL
ECONOMY - FINANCE - BUSINESS
FUNDAMENTAL RIGHTS - SOCIETAL ISSUES
NEWS BRIEFS